Your data protection rights under UK law
Last updated: 22 April 2026
Incuo Composite Doors is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page provides additional information about how we protect your rights under these regulations.
Incuo Composite Doors is the data controller for personal information collected through our website and services. This means we determine why and how your personal data is processed.
Contact details:
Incuo Composite Doors
Unit 14, Riverside Business Park
Chester Road, Birmingham
B35 7AH
Email: [email protected]
Under the UK GDPR, you have the following rights regarding your personal data:
You have the right to request a copy of the personal information we hold about you. This is known as a Subject Access Request (SAR). We will respond within one month of receiving your request.
If you believe any information we hold about you is inaccurate or incomplete, you have the right to request that we correct or complete it.
Also known as the "right to be forgotten", you may request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose for which it was collected.
You have the right to request that we limit how we use your personal data while we address any concerns you have raised about its accuracy or our processing activities.
Where technically feasible, you have the right to receive your personal data in a structured, commonly used, machine-readable format and to have it transferred to another data controller.
You have the right to object to our processing of your personal data where we are relying on legitimate interests as our legal basis, or where we are processing your data for direct marketing purposes.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you. We do not currently use automated decision-making in our business processes.
To exercise any of your rights, please contact us at [email protected]. We may ask you to verify your identity before processing your request. We aim to respond to all requests within one month, though complex requests may take longer.
We process personal data based on one or more of the following legal bases:
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
We primarily process data within the UK. If any data is transferred outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the Information Commissioner's Office (ICO).
In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay. We will also report relevant breaches to the ICO within 72 hours of becoming aware of them.
If you are not satisfied with how we handle your personal data or respond to your requests, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: ico.org.uk
We may update this GDPR information from time to time to reflect changes in our practices or legal requirements. Please check this page periodically for any updates.